Bribery law: time to act

The UK's new Bribery Act applies not only to UK-based companies but also to those carrying on business in the UK, and to any persons 'associated' with such a business, including employees, agents and joint venture partners. Companies must therefore implement urgently a compliance programme to minimise the risk of bribery - which may be corrupt payments, lavish hospitality or small, unofficial payments - being undertaken on their behalf

The Bribery Act that came into force in the UK in July makes ‘failing to prevent bribery’ a criminal offence for commercial organisations. Richard Sallybanks and Shaul Brazil, BCL Burton Copeland, look at procedures that can be put in place to prevent bribery by ‘associated’ persons and to ensure appropriate action is taken.

The Bribery Act that came into force in the UK on 1 July 2011 creates two general offences of bribing another person and being bribed, and a discrete offence of bribery of a foreign public official. In addition, section 7 of the Act introduces for the first time an offence whereby a ‘relevant commercial organisation’ (i.e. one incorporated/formed in the UK or one that is incorporated/formed elsewhere, but carries on business in the UK) is guilty of an offence if a person ‘associated’ with it (such as an employee, agent or joint venture partner) offers, promises or gives a bribe with the intention to obtain or retain business or an advantage in the conduct of business for that organisation.

This last offence is commonly characterised as ‘failing to prevent bribery’ and can only be committed by a company, not an individual. It is also an offence of strict liability, meaning that if bribery is committed on behalf of a company by a person ‘associated” with it, such as an agent, it may give rise to criminal liability for the company (with the risk of an unlimited fine, debarment from public procurement contracts, and reputational damage) notwithstanding that the directors were unaware of the conduct.

Richard Sallybanks, Partner

Thankfully, however, the company will have a complete defence if it can prove that it ‘had in place adequate procedures designed to prevent persons associated with [it] from undertaking such conduct’ (i.e. offering, promising or giving a bribe).

There remains the larger ambiguity of what constitutes a bribe. Bribery may come in different forms, including large corrupt payments made to obtain or retain business, lavish hospitality intended to influence a public official, and small unofficial ‘facilitation’ payments to expedite the performance of a routine or necessary action such as the granting of a visa.

All are illegal under the new law, and although the government has sought to reassure business that the Act ‘is not intended to prohibit reasonable and proportionate hospitality and promotional or other similar business expenditure intended for these purposes’, it has nevertheless emphasised ‘that hospitality and promotional or other similar business expenditure can be employed as bribes’. The Act, therefore, employs the concept of what an ordinary person would think, but, as with adequate procedures, the question of what amounts to a bribe will remain ambiguous until clarified by the Court.

UK business has raised grave concerns about the scope of the Act and how it could harm their competitiveness as against businesses beyond the Act’s reach. Unsurprisingly, the section 7-offence has provoked much controversy.

Ministry of Justice guidance

The UK Ministry of Justice has recently introduced long awaited guidance on the Act, which is intended to help companies understand the types of procedures that they can put in place to prevent bribery by ‘associated’ persons. However, while the guidance suggests areas that should be covered by appropriate procedures, it acknowledges that the challenges faced by SMEs will differ from those of large multinational enterprises.

Rather than adopting a prescriptive, one-size-fits-all approach, it incorporates flexibility by being based on six core principles:

Proportionate procedures: maintaining bribery prevention policies that are proportionate to the nature, scale and complexity of the organisation’s activities, as well as to the risks that it faces.

Top level commitment: ensuring that senior management establishes a culture across the organisation in which bribery is unacceptable, which may include top-level communication of the organisation’s anti-bribery stance and being involved in the development of bribery prevention policies.

Risk assessment: conducting periodic, informed and documented assessments of the internal and external risks of bribery in the relevant business sector and market.

Due diligence: applying due diligence procedures that are proportionate to the risks faced by the organisation; since an organis-ation’s employees are ‘associated’ persons, appropriate due diligence may become part of recruitment and HR procedures.

Communication and training: ensuring that bribery prevention policies are understood and embedded throughout the organisation through education and awareness.

Monitoring and review: putting in place auditing and financial controls that are sensitive to bribery, including consideration of obtaining external verification of the effectiveness of an organisation’s anti-bribery procedures.

The guidance includes a number of illustrative case studies, and businesses would be well advised to review these and the guidance closely. Ultimately, however, the question of whether an organisation has adequate procedures will turn on the particular facts of the case; ambiguities surrounding ‘adequate procedures’ will gradually be resolved by the Court, as the authorities prosecute organisations that fall foul of the legislation.

self-reporting and reducing risks

Of course, there will always be the potential for bribery to take place in relation to a company’s business regardless of the procedures put in place to prevent it. If bribery is identified, what does the company do? Should it report the matter to the authorities and, if so, how can it mitigate the risk that a prosecution will follow?

Joint guidance issued by the Director of the Serious Fraud Office (SFO) and the Director of Public Prosecutions (DPP) acknowledges that the Act ‘is not intended to penalise ethically run companies that encounter a risk of bribery’ and that ‘a single instance of bribery does not necessarily mean that a company’s procedures are inadequate’. Consistent with this, the SFO and DPP have also made it clear that the public interest factors in favour of or against a criminal prosecution of a company include whether there has been a history (or not) of similar conduct.

Therefore, a company that has genuinely and appropriately tried to prevent bribery but has failed may avoid prosecution if it can show that the conduct was an isolated incident. However, it is clear that the more prevalent bribery is within the organisation, the greater the risk of prosecution. So, what does a company do if it identifies bribery within its organisation that has been ongoing or is part of an established business practice? Perhaps counter-intuitively, the company’s best interests may still lie in reporting the matter to the authorities.

Companies should note that if they do not self-report and bribery within their organisation is reported to the SFO by a third party (such as a disgruntled competitor), this will be viewed as a significant aggravating factor tending in favour of prosecution. Conversely, self-reporting (when allied with a genuinely proactive approach from senior management, including a comprehensive internal investigation, remedial action and a commitment to effective corporate compliance going forward) can result in the possible resolution of the matter by civil, as opposed to criminal, proceedings. The availability of a civil remedy, namely proceedings to recover monies obtained in connection with the corrupt conduct, is a factor tending against prosecution but this will be on offer only if the company self-reports in the way described above.

In any event, the company may have little choice but to self-report, as the Bribery Act provisions cannot be considered in isolation. There is a real risk that monies obtained by a company in connection with a corruptly obtained contract would be considered ‘criminal property’ under the Proceeds of Crime Act 2002. The company (and its directors, once informed of the suspicion that the contract was won through corruption) would be at risk of committing money laundering offences unless it disclosed that fact to the appropriate authority, the Serious Organised Crime Agency (SOCA), as soon as practicable.

A disclosure to SOCA will give rise to the likelihood of the information being passed to the SFO, giving the company little choice but to report the underlying conduct to the SFO simultaneously.

In conclusion, it is clear that, subject to resources, the Act will be vigorously enforced, not least in the shadow of the bruising criticism of the authorities following the settlements in the BAE and other recent cases and the long-standing criticism of the UK for not treating corruption with sufficient seriousness, particularly in the international context.

Companies clearly, therefore, need to implement a compliance programme to minimise the risk of bribery being undertaken on their behalf. Adequate procedures are likely to include the involvement of senior management in establishing an anti-corruption culture, assessment of the company's exposure to bribery risk, due diligence on business partners, and in-house training.

transparent recording

By way of practical example, companies that have engaged the services of intermediaries or introducers to assist in winning new business will need to ensure that any payments to these people can be fully justified and are accurately and transparently recorded in the company's records. Depending on the relationship between the introducer and the ultimate client, it may well be that the acceptance of the payment by the introducer (if hidden from the client) would be regarded as ‘improper’, such that the payment to the introducer could be regarded as a bribe.

Further, a sub-contractor, depending on the services it performs, may be regarded as a person ‘associated with’ the main contractor, such that the main contractor could have a potential criminal liability if the sub-contractor pays a bribe in connection with the main contractor’s business. The main contractor will therefore need to have procedures in place to satisfy itself, so far as possible, that the sub-contractor will not engage in such conduct.

With a programme in place, a company will be better positioned to deal with the fall-out should it discover an instance of bribery, and if it self-reports it will substantially mitigate the risk of prosecution. However, companies cannot make a decision on whether to self-report bribery without regard to the Proceeds of Crime legislation and the possible need to make a disclosure to SOCA under that regime. Any company that decides against a disclosure to SOCA because it wants to keep the bribery under wraps runs the risk of exposing both the directors and company to criminal investigations for bribery and money laundering.